Security Enhancements
- Hardened API Key Storage: Upgraded hash strength using PBKDF2 for all stored API keys.
- Timing Attack Prevention: Implemented double HMAC validation and fixed validation vulnerabilities to prevent side-channel attacks.
- Data Leak Protection: Modified proxy ID generation to ensure sensitive credentials (API keys and passwords) are excluded from deterministic flows.
Features & UI Updates
- Workflow Automation: Added a new
Navigate Toblock to the task builder for better flow control. - Template System: Introduced support for the
{$html}template variable and reserved the "html" variable name for agent-specific JavaScript use.
Performance & Reliability
- I/O Optimization: Debounced execution logging to reduce disk I/O pressure and improve server responsiveness.
- Networking Stability: Added a comprehensive test suite for IP normalization functions to ensure networking consistency.
- Code Maintenance: Removed unused taskMutex imports in the server module.
Full Changelog: v0.6.3...v0.6.4